CVSS: 4.6EPSS: 0%CPEs: 23EXPL: 0CVE-2015-4106
https://notcve.org/view.php?id=CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. QEMU no restringe correctamente el acceso a escritura al espacio PCI config para ciertos dispositivos PCI pass-through, lo que podría permitir a invitados x86 HVM locales obtener privilegios, causar una denegación de servicio (caída de host), obtener información sensible o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce&#x • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-4947
https://notcve.org/view.php?id=CVE-2014-4947
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors. Desbordamiento de buffer en el soporte de la consola de gráficos HVM en Citrix XenServer 6.2 Service Pack 1 y anteriores tiene impacto y vectores de ataque no especificados. • http://secunia.com/advisories/60027 http://support.citrix.com/article/CTX140984 http://www.securityfocus.com/bid/68659 http://www.securitytracker.com/id/1030604 https://exchange.xforce.ibmcloud.com/vulnerabilities/94631 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-4948
https://notcve.org/view.php?id=CVE-2014-4948
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD). Vulnerabilidad no especificada en Citrix XenServer 6.2 Service Pack 1 y anteriores permite a atacantes causar una denegación de servicio y obtener información sensible mediante la modificación del disco duro virtual invitado (VHD). • http://secunia.com/advisories/60027 http://support.citrix.com/article/CTX140984 http://www.securityfocus.com/bid/68660 http://www.securitytracker.com/id/1030604 https://exchange.xforce.ibmcloud.com/vulnerabilities/94632 •
CVSS: 3.2EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5512
https://notcve.org/view.php?id=CVE-2012-5512
Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Un error índice de matriz en el controlador de HVMOP_set_mem_access en Xen v4.1 permite causar una denegación de servicio (caída del S.O.) u obtener información sensible a los administradores de sistemas operativos invitados en el HVM local a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://secunia.com/advisories/51397 http://secunia.com/advisories/51486 http://secunia.com/advisories/51487 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml h • CWE-16: Configuration •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3498
https://notcve.org/view.php?id=CVE-2012-3498
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. PHYSDEVOP_map_pirq en Xen v4.1 y v4.2 y Citrix XenServer v6.0.2 y anteriores permite a un kernel OS HVM invitado causar una denegación de servicio (caída del host) y posiblemente leer hipervisor o memoria mediante vectores relacionados con una falta de comproebación de map->index. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html http://osvdb.org/85198 http://secunia.com/advisories/ • CWE-20: Improper Input Validation •